]> source.dussan.org Git - sonarqube.git/blob
837ac1681a8f8c8ba38c5ef78abb1445ec699463
[sonarqube.git] /
1 // Jest Snapshot v1, https://goo.gl/fbAQLP
2
3 exports[`should follow and complete all steps: .NET: gitlab-ci.yml 1`] = `
4 "image: mcr.microsoft.com/dotnet/sdk:7.0
5
6 variables:
7   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
8   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
9
10 stages:
11   - sonarqube-check
12   - sonarqube-vulnerability-report
13
14 sonarqube-check:
15   stage: sonarqube-check
16   
17   script: 
18       - "dotnet tool install --global dotnet-sonarscanner"
19       - "export PATH=\\"$PATH:$HOME/.dotnet/tools\\""
20       - "dotnet sonarscanner begin /k:\\"my-project\\" /d:sonar.token=\\"$SONAR_TOKEN\\" /d:\\"sonar.host.url=$SONAR_HOST_URL\\" "
21       - "dotnet build"
22       - "dotnet sonarscanner end /d:sonar.token=\\"$SONAR_TOKEN\\""
23   allow_failure: true
24   rules:
25     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
26     - if: $CI_COMMIT_BRANCH == 'master'
27     - if: $CI_COMMIT_BRANCH == 'main'
28     - if: $CI_COMMIT_BRANCH == 'develop'
29
30 sonarqube-vulnerability-report:
31   stage: sonarqube-vulnerability-report
32   script:
33     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
34   allow_failure: true
35   rules:
36     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
37     - if: $CI_COMMIT_BRANCH == 'master'
38     - if: $CI_COMMIT_BRANCH == 'main'
39     - if: $CI_COMMIT_BRANCH == 'develop'
40   artifacts:
41     expire_in: 1 day
42     reports:
43       sast: gl-sast-sonar-report.json
44 "
45 `;
46
47 exports[`should follow and complete all steps: CPP - manual: gitlab-ci.yml 1`] = `
48 "image: gcc
49
50 variables:
51   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
52   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
53   BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
54
55 stages:
56   - get-binaries
57   - build-analyze
58   - sonarqube-vulnerability-report
59
60 get-binaries:
61   stage: get-binaries
62   cache:
63     policy: push
64     key: "\${CI_COMMIT_SHORT_SHA}"
65     paths:
66       - sonar-scanner/
67       - build-wrapper/
68   script:
69     # Download sonar-scanner
70     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.1.0.4477-linux-x64.zip'
71     - unzip -o sonar-scanner.zip
72     - mv sonar-scanner-6.1.0.4477-linux-x64 sonar-scanner
73     # Download build-wrapper
74     - curl -sSLo ./build-wrapper-linux-x86.zip "$SONAR_HOST_URL/static/cpp/build-wrapper-linux-x86.zip"
75     - unzip -o build-wrapper-linux-x86.zip
76     - mv build-wrapper-linux-x86 build-wrapper
77
78   rules:
79     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
80     - if: $CI_COMMIT_BRANCH == 'master'
81     - if: $CI_COMMIT_BRANCH == 'main'
82     - if: $CI_COMMIT_BRANCH == 'develop'
83
84 build:
85   stage: build-analyze
86   script:
87     - build-wrapper/build-wrapper-linux-x86-64 --out-dir "\${BUILD_WRAPPER_OUT_DIR}" <your clean build command>
88     - sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}" --define sonar.cfamily.compile-commands="\${BUILD_WRAPPER_OUT_DIR}/compile_commands.json"
89   cache:
90     policy: pull
91     key: "\${CI_COMMIT_SHORT_SHA}"
92     paths:
93     - sonar-scanner/
94     - build-wrapper/
95
96 sonarqube-vulnerability-report:
97   stage: sonarqube-vulnerability-report
98   script:
99     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
100   allow_failure: true
101   rules:
102     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
103     - if: $CI_COMMIT_BRANCH == 'master'
104     - if: $CI_COMMIT_BRANCH == 'main'
105     - if: $CI_COMMIT_BRANCH == 'develop'
106   artifacts:
107     expire_in: 1 day
108     reports:
109       sast: gl-sast-sonar-report.json
110 "
111 `;
112
113 exports[`should follow and complete all steps: CPP: gitlab-ci.yml 1`] = `
114 "image: gcc
115
116 variables:
117   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
118   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
119   
120
121 stages:
122   - get-binaries
123   - sonarqube-check
124   - sonarqube-vulnerability-report
125
126 get-binaries:
127   stage: get-binaries
128   cache:
129     policy: push
130     key: "\${CI_COMMIT_SHORT_SHA}"
131     paths:
132       - sonar-scanner/
133       
134   script:
135     # Download sonar-scanner
136     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.1.0.4477-linux-x64.zip'
137     - unzip -o sonar-scanner.zip
138     - mv sonar-scanner-6.1.0.4477-linux-x64 sonar-scanner
139     
140   rules:
141     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
142     - if: $CI_COMMIT_BRANCH == 'master'
143     - if: $CI_COMMIT_BRANCH == 'main'
144     - if: $CI_COMMIT_BRANCH == 'develop'
145
146 sonarqube-check:
147   stage: sonarqube-check
148   dependencies:
149     - get-binaries
150   cache:
151     policy: pull
152     key: "\${CI_COMMIT_SHORT_SHA}"
153     paths:
154       - sonar-scanner/
155
156   script: sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}" 
157   allow_failure: true
158   rules:
159     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
160     - if: $CI_COMMIT_BRANCH == 'master'
161     - if: $CI_COMMIT_BRANCH == 'main'
162     - if: $CI_COMMIT_BRANCH == 'develop'
163
164 sonarqube-vulnerability-report:
165   stage: sonarqube-vulnerability-report
166   script:
167     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
168   allow_failure: true
169   rules:
170     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
171     - if: $CI_COMMIT_BRANCH == 'master'
172     - if: $CI_COMMIT_BRANCH == 'main'
173     - if: $CI_COMMIT_BRANCH == 'develop'
174   artifacts:
175     expire_in: 1 day
176     reports:
177       sast: gl-sast-sonar-report.json
178 "
179 `;
180
181 exports[`should follow and complete all steps: CPP: sonar-project.properties 1`] = `
182 "sonar.projectKey=my-project
183 sonar.qualitygate.wait=true
184 "
185 `;
186
187 exports[`should follow and complete all steps: Dart: gitlab-ci.yml 1`] = `
188 "image: ghcr.io/cirruslabs/flutter:stable
189
190 variables:
191   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
192   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
193
194 stages:
195   - get-binaries
196   - sonarqube-check
197   - sonarqube-vulnerability-report
198
199 get-binaries:
200   stage: get-binaries
201   cache:
202     policy: push
203     key: "\${CI_COMMIT_SHORT_SHA}"
204     paths:
205       - sonar-scanner/
206       
207   script:
208     # Download sonar-scanner
209     - curl -sSLo ./sonar-scanner.zip 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.1.0.4477-linux-x64.zip'
210     - unzip -o sonar-scanner.zip
211     - mv sonar-scanner-6.1.0.4477-linux-x64 sonar-scanner
212     
213   rules:
214     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
215     - if: $CI_COMMIT_BRANCH == 'master'
216     - if: $CI_COMMIT_BRANCH == 'main'
217     - if: $CI_COMMIT_BRANCH == 'develop'
218
219 sonarqube-check:
220   stage: sonarqube-check
221   
222   script: 
223     - <commands to build your project>
224     - sonar-scanner/bin/sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
225   allow_failure: true
226   rules:
227     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
228     - if: $CI_COMMIT_BRANCH == 'master'
229     - if: $CI_COMMIT_BRANCH == 'main'
230     - if: $CI_COMMIT_BRANCH == 'develop'
231
232 sonarqube-vulnerability-report:
233   stage: sonarqube-vulnerability-report
234   script:
235     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
236   allow_failure: true
237   rules:
238     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
239     - if: $CI_COMMIT_BRANCH == 'master'
240     - if: $CI_COMMIT_BRANCH == 'main'
241     - if: $CI_COMMIT_BRANCH == 'develop'
242   artifacts:
243     expire_in: 1 day
244     reports:
245       sast: gl-sast-sonar-report.json
246 "
247 `;
248
249 exports[`should follow and complete all steps: Dart: sonar-project.properties 1`] = `
250 "sonar.projectKey=my-project
251 sonar.qualitygate.wait=true
252 "
253 `;
254
255 exports[`should follow and complete all steps: Gradle: gitlab-ci.yml 1`] = `
256 "image: gradle:8.2.0-jdk17-jammy
257
258 variables:
259   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
260   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
261
262 stages:
263   - sonarqube-check
264   - sonarqube-vulnerability-report
265
266 sonarqube-check:
267   stage: sonarqube-check
268   
269   script: gradle sonar
270   allow_failure: true
271   rules:
272     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
273     - if: $CI_COMMIT_BRANCH == 'master'
274     - if: $CI_COMMIT_BRANCH == 'main'
275     - if: $CI_COMMIT_BRANCH == 'develop'
276
277 sonarqube-vulnerability-report:
278   stage: sonarqube-vulnerability-report
279   script:
280     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
281   allow_failure: true
282   rules:
283     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
284     - if: $CI_COMMIT_BRANCH == 'master'
285     - if: $CI_COMMIT_BRANCH == 'main'
286     - if: $CI_COMMIT_BRANCH == 'develop'
287   artifacts:
288     expire_in: 1 day
289     reports:
290       sast: gl-sast-sonar-report.json
291 "
292 `;
293
294 exports[`should follow and complete all steps: Groovy: build.gradle 1`] = `
295 "plugins {
296   id "org.sonarqube" version "5.1.0.4882"
297 }
298
299 sonar {
300   properties {
301     property "sonar.projectKey", "my-project"
302     property "sonar.projectName", "MyProject"
303     property "sonar.qualitygate.wait", true 
304   }
305 }"
306 `;
307
308 exports[`should follow and complete all steps: Kotlin: build.gradle.kts 1`] = `
309 "plugins {
310   id ("org.sonarqube") version "5.1.0.4882"
311 }
312
313 sonar {
314   properties {
315     property("sonar.projectKey", "my-project")
316     property("sonar.projectName", "MyProject")
317     property("sonar.qualitygate.wait", true)
318   }
319 }"
320 `;
321
322 exports[`should follow and complete all steps: Maven: gitlab-ci.yml 1`] = `
323 "image: maven:3-eclipse-temurin-17
324
325 variables:
326   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
327   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
328
329 stages:
330   - sonarqube-check
331   - sonarqube-vulnerability-report
332
333 sonarqube-check:
334   stage: sonarqube-check
335   
336   script: 
337     - mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
338   allow_failure: true
339   rules:
340     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
341     - if: $CI_COMMIT_BRANCH == 'master'
342     - if: $CI_COMMIT_BRANCH == 'main'
343     - if: $CI_COMMIT_BRANCH == 'develop'
344
345 sonarqube-vulnerability-report:
346   stage: sonarqube-vulnerability-report
347   script:
348     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
349   allow_failure: true
350   rules:
351     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
352     - if: $CI_COMMIT_BRANCH == 'master'
353     - if: $CI_COMMIT_BRANCH == 'main'
354     - if: $CI_COMMIT_BRANCH == 'develop'
355   artifacts:
356     expire_in: 1 day
357     reports:
358       sast: gl-sast-sonar-report.json
359 "
360 `;
361
362 exports[`should follow and complete all steps: Maven: pom.xml 1`] = `
363 "<properties>
364   <sonar.projectKey>my-project</sonar.projectKey>
365   <sonar.projectName>MyProject</sonar.projectName>
366   <sonar.qualitygate.wait>true</sonar.qualitygate.wait>
367 </properties>"
368 `;
369
370 exports[`should follow and complete all steps: Other: gitlab-ci.yml 1`] = `
371 "image: 
372     name: sonarsource/sonar-scanner-cli:latest
373     entrypoint: [""]
374
375 variables:
376   SONAR_USER_HOME: "\${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
377   GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
378
379 stages:
380   - sonarqube-check
381   - sonarqube-vulnerability-report
382
383 sonarqube-check:
384   stage: sonarqube-check
385   
386   script: 
387     - sonar-scanner --define sonar.host.url="\${SONAR_HOST_URL}"
388   allow_failure: true
389   rules:
390     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
391     - if: $CI_COMMIT_BRANCH == 'master'
392     - if: $CI_COMMIT_BRANCH == 'main'
393     - if: $CI_COMMIT_BRANCH == 'develop'
394
395 sonarqube-vulnerability-report:
396   stage: sonarqube-vulnerability-report
397   script:
398     - 'curl -u "\${SONAR_TOKEN}:" "\${SONAR_HOST_URL}/api/issues/gitlab_sast_export?projectKey=my-project&branch=\${CI_COMMIT_BRANCH}&pullRequest=\${CI_MERGE_REQUEST_IID}" -o gl-sast-sonar-report.json'
399   allow_failure: true
400   rules:
401     - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
402     - if: $CI_COMMIT_BRANCH == 'master'
403     - if: $CI_COMMIT_BRANCH == 'main'
404     - if: $CI_COMMIT_BRANCH == 'develop'
405   artifacts:
406     expire_in: 1 day
407     reports:
408       sast: gl-sast-sonar-report.json
409 "
410 `;
411
412 exports[`should follow and complete all steps: Other: sonar-project.properties 1`] = `
413 "sonar.projectKey=my-project
414 sonar.qualitygate.wait=true
415 "
416 `;
417
418 exports[`should follow and complete all steps: sonar token key 1`] = `"SONAR_TOKEN"`;
419
420 exports[`should follow and complete all steps: sonarqube host url key 1`] = `"SONAR_HOST_URL"`;
421
422 exports[`should follow and complete all steps: sonarqube host url value 1`] = `"http://localhost:9000"`;